It audit and compliance analyst

Posted: Nov. 7, 2022, 7:01 a.m. - Full Time - Pune

Job Description Primarily responsible for implementation & governance of security policies and standards across the company, including but not limited to software engineering, finance, operations, IT etc.

What you will do

  • Perform internal audits and ensure compliance against policies and external laws.

  • Maintain the audit calendar & program and provide periodic reports to stakeholders.

  • Improve on reporting mechanisms for the audit function

  • Track remediation of any findings from internal or external assessments.

  • Manage the audit risk assessment program

  • Identify security risks and develop solutions to eliminate or minimize risks.

  • Contribute to the data risk management program

  • Support the team in risk management activities

  • Support the vendor risk / third party risk management program across the organization

  • Assist with successful implementation and enforcement of security policies and procedures across old & new technologies / systems/ environments.

  • Participate with the implementation of security initiatives

  • Support team to implement the GRC initiatives with respect to audit programs

Experience Range

2-4 years with practical information security, privacy, audit and risk management experience in a regulated / banking environment.

Technical Expertise

  • Information Security concepts, Risk Management methodology.

  • 2+ years in an Information Security role with progressive experience in the following areas :

  • Audits and assessments - information security, network security, application security, physical security, privacy etc.

  • Knowledge of various standards like ISO 27K, PCI-DSS, etc.

  • Moderate-level knowledge of and experience with: TCP/IP architecture, routing protocols and network security concepts

  • Windows OS, GPO, DNS DHCP and Active Directory security concepts

  • Application Security concepts from an audit perspective

  • MS Office (Word, Excel, PowerPoint)

  • Excellent organization, communication, and presentation skills with the right attitude

  • Experience in the financial services / Banking industry is preferred

  • ISO 27001 LA / LI Certification is an added advantage.